diff --git a/cmd/common.go b/cmd/common.go index b7da8955d..3978b2860 100644 --- a/cmd/common.go +++ b/cmd/common.go @@ -172,6 +172,7 @@ func syncMain(ctx context.Context, filenames []string, dry bool, parallelism, if konnectRuntimeGroup != "" { konnectControlPlane = konnectRuntimeGroup } + konnectConfig.TLSConfig = rootConfig.TLSConfig kongClient, err = GetKongClientForKonnectMode(ctx, &konnectConfig) if err != nil { return err diff --git a/cmd/common_konnect.go b/cmd/common_konnect.go index 8b7048509..16dcde56e 100644 --- a/cmd/common_konnect.go +++ b/cmd/common_konnect.go @@ -32,7 +32,10 @@ func authenticate( func GetKongClientForKonnectMode( ctx context.Context, konnectConfig *utils.KonnectConfig, ) (*kong.Client, error) { - httpClient := utils.HTTPClient() + httpClient, err := utils.HTTPClientWithTLSConfig(konnectConfig.TLSConfig) + if err != nil { + return nil, err + } if konnectConfig.Token != "" { konnectConfig.Headers = append( @@ -45,7 +48,6 @@ func GetKongClientForKonnectMode( } // authenticate with konnect - var err error var konnectClient *konnect.Client var konnectAddress string // get Konnect client @@ -75,6 +77,7 @@ func GetKongClientForKonnectMode( Debug: konnectConfig.Debug, Headers: konnectConfig.Headers, Retryable: true, + TLSConfig: konnectConfig.TLSConfig, }) } @@ -86,6 +89,7 @@ func resetKonnectV2(ctx context.Context) error { konnectControlPlane = defaultControlPlaneName } dumpConfig.KonnectControlPlane = konnectControlPlane + konnectConfig.TLSConfig = rootConfig.TLSConfig client, err := GetKongClientForKonnectMode(ctx, &konnectConfig) if err != nil { return err @@ -113,6 +117,7 @@ func dumpKonnectV2(ctx context.Context) error { konnectControlPlane = defaultControlPlaneName } dumpConfig.KonnectControlPlane = konnectControlPlane + konnectConfig.TLSConfig = rootConfig.TLSConfig client, err := GetKongClientForKonnectMode(ctx, &konnectConfig) if err != nil { return err diff --git a/cmd/gateway_ping.go b/cmd/gateway_ping.go index 3113f6f8f..e5b0a4e71 100644 --- a/cmd/gateway_ping.go +++ b/cmd/gateway_ping.go @@ -50,12 +50,16 @@ can connect to Kong's Admin API.`, } func pingKonnect(ctx context.Context) error { - // get Konnect client - httpClient := utils.HTTPClient() + konnectConfig.TLSConfig = rootConfig.TLSConfig _, err := GetKongClientForKonnectMode(ctx, &konnectConfig) if err != nil { return err } + // get Konnect client + httpClient, err := utils.HTTPClientWithTLSConfig(rootConfig.TLSConfig) + if err != nil { + return err + } konnectClient, err := utils.GetKonnectClient(httpClient, konnectConfig) if err != nil { return err diff --git a/cmd/root.go b/cmd/root.go index c5844bd51..a085009ed 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -312,9 +312,11 @@ func initConfig() { } rootConfig.Address = viper.GetString("kong-addr") - rootConfig.TLSServerName = viper.GetString("tls-server-name") - rootConfig.TLSSkipVerify = viper.GetBool("tls-skip-verify") - rootConfig.TLSCACert = caCertContent + + tlsServerName := viper.GetString("tls-server-name") + tlsSkipVerify := viper.GetBool("tls-skip-verify") + tlsCACert := caCertContent + rootConfig.Headers = extendHeaders(viper.GetStringSlice("headers")) rootConfig.SkipWorkspaceCrud = viper.GetBool("skip-workspace-crud") rootConfig.Debug = (viper.GetInt("verbose") >= 1) @@ -334,7 +336,7 @@ func initConfig() { clientCertContent = strings.TrimRight(clientCertContent, "\n") } } - rootConfig.TLSClientCert = clientCertContent + tlsClientCert := clientCertContent clientKeyContent := viper.GetString("tls-client-key") @@ -350,15 +352,23 @@ func initConfig() { clientKeyContent = strings.TrimRight(clientKeyContent, "\n") } } - rootConfig.TLSClientKey = clientKeyContent + tlsClientKey := clientKeyContent - if (rootConfig.TLSClientKey == "" && rootConfig.TLSClientCert != "") || - (rootConfig.TLSClientKey != "" && rootConfig.TLSClientCert == "") { + if (tlsClientKey == "" && tlsClientCert != "") || + (tlsClientKey != "" && tlsClientCert == "") { fmt.Printf("tls-client-cert and tls-client-key / tls-client-cert-file and tls-client-key-file " + "must be used in conjunction but only one was provided") os.Exit(1) } + rootConfig.TLSConfig = utils.TLSConfig{ + ServerName: tlsServerName, + SkipVerify: tlsSkipVerify, + CACert: tlsCACert, + ClientCert: tlsClientCert, + ClientKey: tlsClientKey, + } + // cookie-jar support rootConfig.CookieJarPath = viper.GetString("kong-cookie-jar-path") diff --git a/go.mod b/go.mod index b6bd25da0..8992bacef 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/fatih/color v1.15.0 github.com/google/go-cmp v0.6.0 github.com/kong/go-apiops v0.1.29 - github.com/kong/go-database-reconciler v1.4.0 + github.com/kong/go-database-reconciler v1.5.0 github.com/kong/go-kong v0.51.1-0.20240125175037-0c077f5b9ac7 github.com/mitchellh/go-homedir v1.1.0 github.com/spf13/cobra v1.8.0 @@ -92,7 +92,7 @@ require ( github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect - github.com/shirou/gopsutil/v3 v3.23.12 // indirect + github.com/shirou/gopsutil/v3 v3.24.1 // indirect github.com/shoenig/go-m1cpu v0.1.6 // indirect github.com/sourcegraph/conc v0.3.0 // indirect github.com/spf13/afero v1.11.0 // indirect diff --git a/go.sum b/go.sum index 73b1f34d5..930828b13 100644 --- a/go.sum +++ b/go.sum @@ -182,8 +182,8 @@ github.com/klauspost/cpuid/v2 v2.2.3 h1:sxCkb+qR91z4vsqw4vGGZlDgPz3G7gjaLyK3V8y7 github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/kong/go-apiops v0.1.29 h1:c+AB8MmGIr+K01Afm4GB2xaOmJnD/8KWMJQkr9qssnc= github.com/kong/go-apiops v0.1.29/go.mod h1:ZNdiTZyVrAssB4wjEYWV7BfpcV9UME9LxnDDZhMPuNU= -github.com/kong/go-database-reconciler v1.4.0 h1:JlKLXUTqdq2vYABJMTiq5h3RJsn7J4EeW+wTA2ojYYk= -github.com/kong/go-database-reconciler v1.4.0/go.mod h1:Q4WgHd6b9oDid+EG8sXhArmL7R/wpA0A/8tI9w37BxU= +github.com/kong/go-database-reconciler v1.5.0 h1:OHUmFFse5nUqcO7FvChITBK9PoXEhZdw95dE4arlhxs= +github.com/kong/go-database-reconciler v1.5.0/go.mod h1:KtstdZjxNI7+jZJRT896iDsS0Yte1x1sX4B2TaaASgk= github.com/kong/go-kong v0.51.1-0.20240125175037-0c077f5b9ac7 h1:/iV93Gwv410lIeJx8VCfCA4fpuvSuTw2LqZpDXsIE9Q= github.com/kong/go-kong v0.51.1-0.20240125175037-0c077f5b9ac7/go.mod h1:YNkLvjxfOqS+BZ1J2YWOy/83wc26JM5QJbAukoeg1sY= github.com/kong/go-slugify v1.0.0 h1:vCFAyf2sdoSlBtLcrmDWUFn0ohlpKiKvQfXZkO5vSKY= @@ -285,8 +285,8 @@ github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPO github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/shirou/gopsutil/v3 v3.23.12 h1:z90NtUkp3bMtmICZKpC4+WaknU1eXtp5vtbQ11DgpE4= -github.com/shirou/gopsutil/v3 v3.23.12/go.mod h1:1FrWgea594Jp7qmjHUUPlJDTPgcsb9mGnXDxavtikzM= +github.com/shirou/gopsutil/v3 v3.24.1 h1:R3t6ondCEvmARp3wxODhXMTLC/klMa87h2PHUw5m7QI= +github.com/shirou/gopsutil/v3 v3.24.1/go.mod h1:UU7a2MSBQa+kW1uuDq8DeEBS8kmrnQwsv2b5O513rwU= github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM= github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ= github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU= @@ -420,7 +420,6 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=